http_port 8080 hierarchy_stoplist cgi-bin ? # acl QUERY urlpath_regex cgi-bin \? acl bad-files url_regex -i "/u1/squid/etc/bad-files" acl good-files url_regex "/u1/squid/etc/good-files" http_access deny bad-files !good-files # no_cache deny QUERY # # My hard drive is 64GB and I wanted to keep some space free # for a few days worth of logs, etc. # cache_dir aufs /data/squidcache 51200 64 256 # maximum_object_size 32 MB # cache_mem 4 MB cache_swap_low 97 cache_swap_high 98 # ipcache_size 4096 ipcache_low 90 ipcache_high 95 fqdncache_size 4096 buffered_logs off cache_replacement_policy heap LFUDA cache_access_log /data/squidlogs/access.log # cache_access_log /data/squidcache # cache_log /dev/null cache_store_log none ftp_user ftp@MYCORP.COM debug_options ALL,1 quick_abort_min 1 KB quick_abort_max 1048576 KB quick_abort_pct 90 connect_timeout 30 seconds read_timeout 5 minutes request_timeout 30 seconds client_lifetime 2 hour half_closed_clients off pconn_timeout 120 seconds ident_timeout 10 second shutdown_lifetime 15 seconds request_header_max_size 100 KB request_body_max_size 1000 KB refresh_pattern ^ftp: 1440 50% 86400 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 50% 86400 acl RAS src 192.168.0.0/16 acl Old_Net src 10.10.0.0/16 acl Old_Corp src 10.11.0.0/16 acl ACME src 10.12.0.0/16 acl Bldg_One src 10.13.0.0/16 acl Bldg_Two src 10.14.0.0/16 acl Bldg_Three src 10.15.0.0/16 acl Bldg_Four src 10.16.0.0/16 # acl EXT_sixteen src 172.16.0.0/16 acl EXT_seventeen src 172.17.0.0/16 acl EXT_eighteen src 172.18.0.0/16 acl EXT_nineteen src 172.19.0.0/16 # # Define the Cache Peers (these are on a private Gbit Conn) # acl ICP_ONE src 172.16.2.9 acl ICP_TWO src 172.16.2.10 # acl all src 0.0.0.0/255.255.255.255 acl manager proto cache_object # http_access allow RAS http_access allow Old_Net http_access deny Old_Corp http_access allow ACME http_access allow Bldg_One http_access allow Bldg_Two http_access allow Bldg_Three http_access allow Bldg_Four # http_access allow EXT_sixteen http_access allow EXT_seventeen http_access allow EXT_eighteen http_access allow EXT_nineteen # http_access allow ICP_ONE http_access allow ICP_TWO # http_access deny all acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 # # Define Safe Ports to use. # acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http # # Define SSL Ports # acl SSL_ports port 443 563 acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_reply_access allow RAS http_reply_access allow Old_Net http_reply_access allow Old_Corp http_reply_access allow ACME http_reply_access allow Bldg_One http_reply_access allow Bldg_Two http_reply_access allow Bldg_Three http_reply_access allow Bldg_Four # http_reply_access allow EXT_sixteen http_reply_access allow EXT_seventeen http_reply_access allow EXT_eighteen http_reply_access allow EXT_nineteen # http_reply_access allow ICP_ONE http_reply_access allow ICP_TWO # http_reply_access allow all cache_mgr cachemgr@MYCORP.COM visible_hostname pxyc1ps1 logfile_rotate 8 coredump_dir /u1/squid/var/cache cache_effective_user nobody cache_effective_group nobody icp_port 3130 icp_access allow ICP_TWO icp_access deny all cache_peer 172.16.2.10 sibling 8080 3130 peer_connect_timeout 10 seconds dns_testnames localhost